[DOCS-6320] Comment on: "manual/tutorial/install-mongodb-on-red-hat.txt" Created: 03/Oct/15  Updated: 03/Nov/17  Resolved: 27/Jul/16

Status: Closed
Project: Documentation
Component/s: None
Affects Version/s: None
Fix Version/s: 01112017-cleanup

Type: Bug Priority: Major - P3
Reporter: Docs Collector User (Inactive) Assignee: Kay Kim (Inactive)
Resolution: Won't Fix Votes: 0
Labels: collector-298ba4e7
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Location: https://docs.mongodb.org/manual/tutorial/install-mongodb-on-red-hat/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.132 Safari/537.36
Screen Resolution: 1920 x 1080
repo: docs
source: tutorial/install-mongodb-on-red-hat


Participants:
Days since reply: 7 years, 29 weeks ago

 Description   

The official MongoDB guide suggests that I add a `.repo` with `gpgcheck=0` over HTTP protocol. I'm getting the feeling that this is a very insecure setup - I am worried about exposing myself to MiTM attacks this way everytime I try to update my system within an untrusted network. Is this actually possible or are there any security mechanisms that I'm not aware of that would protect me from that? If not, is there any way to make this `.repo` setup more secure without relying on my OS's old packages or compiling the program from scratch?



 Comments   
Comment by Kay Kim (Inactive) [ 27/Jul/16 ]

JIRA housekeeping. If you need further assistance, please open new ticket for prioritization.

Regards,

Kay Kim

Generated at Thu Feb 08 07:52:04 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.